sIDMG: small-size intrusion detection model generation of complimenting decision tree classification algorithm

Authors:
Seung-Hyun Paek;Yoon-Keun Oh;Do-Hoon Lee
Affiliations:
National Security Research Institute, Daejeon, Korea;National Security Research Institute, Daejeon, Korea;National Security Research Institute, Daejeon, Korea
Venue:
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Year:
2006

Citing 17
Cited 0

Instance-Based Learning Algorithms

Machine Learning
C4.5: programs for machine learning

C4.5: programs for machine learning
Mining business databases

Communications of the ACM
The data warehouse and data mining

Communications of the ACM
Mining scientific data

Communications of the ACM
Fast training of support vector machines using sequential minimal optimization

Advances in kernel methods
BOAT—optimistic decision tree construction

SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
A Comparison of Prediction Accuracy, Complexity, and Training Time of Thirty-Three Old and New Classification Algorithms

Machine Learning
A framework for constructing features and models for intrusion detection systems

ACM Transactions on Information and System Security (TISSEC)
Neural Networks for Pattern Recognition

Neural Networks for Pattern Recognition
Machine Learning

Machine Learning
Pattern Recognition and Neural Networks

Pattern Recognition and Neural Networks
Data Mining: Introductory and Advanced Topics

Data Mining: Introductory and Advanced Topics
Automatic Construction of Decision Trees from Data: A Multi-Disciplinary Survey

Data Mining and Knowledge Discovery
Efficient C4.5

IEEE Transactions on Knowledge and Data Engineering
Induction of Decision Trees

Machine Learning
Improvements to Platt's SMO Algorithm for SVM Classifier Design

Neural Computation

Quantified Score

Hi-index	0.00

Visualization

Abstract

Most of researches for intrusion detection model using data mining technology have been dedicated to detection accuracy improvement. However, the size of intrusion detection model (e.g. detection rules) is as important as detection accuracy. In this paper, a method sIDMG is proposed for small-size intrusion detection model generation by using our classification algorithm sC4.5. We also propose an algorithm sC4.5 for small-size decision tree induction for a specific data by complimenting the split-attribute selection criteria of C4.5 during the tree induction. The approach of sC4.5 is to select the next highest gain ratio attribute as the split attribute if the training data set is satisfied with bias properties of C4.5. The results of performance evaluation gives that sC4.5 preserves detection accuracy of C4.5 but the decision tree size of sC4.5 is smaller than the existing C4.5.